-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-103A
Microsoft Updates for Multiple Vulnerabilities
Original release date: April 13, 2010
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Office
* Microsoft Exchange
Overview
Microsoft has released updates to address vulnerabilities in
Microsoft Windows, Microsoft Office, and Microsoft Exchange.
I. Description
Microsoft has released security bulletins for multiple
vulnerabilities in Microsoft Windows, Microsoft Windows Media
Server on Windows 2000 Server, Microsoft Office Publisher,
Microsoft Office Visio, and Microsoft Exchange. These bulletins are
described in the Microsoft Security Bulletin Summary for April
2010.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code,
cause a vulnerable application to crash, or spoof IPv4 addresses.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for April 2010. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).
IV. References
* Microsoft Security Bulletin Summary for April 2010 -
<http://www.microsoft.com/technet/security/bulletin/ms10-apr.mspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-103A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@xxxxxxxx> with "TA10-103A Feedback VU#570980" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TEYT6pPKYJORa3AQI8WggAhOE9eq33blbV7ZzCXYp7HolNgqrQyS5I
nuwcdGnLSL58IuELknYG1hSc0xQ8HuFoqjrGpQS12ie6ZxfwfCC5T0hn0jtoW2bo
MXKh2/EchmUsjTyLbMnI0dRdTKOx1IGx+zLgbAjLYgmqKyNP674luMToXGLf3Q3+
pJStg5OBFRRZcXlYSnDHjrG/sA9mXo1Wg+0nOnCfZtZLNAvhm1Kl6BMncSNhcw1s
EBgyGeSzQji9W88b5iJ/tNLscCgqExRh6KvWkNd8oxJEn1WvZVCQW1X4M9oqN75M
jK+EZ7tYc5E+yn2evWpSqGQByBBig04MCu/cMP2uKCwNbCjnetwrMg==
=io+S
-----END PGP SIGNATURE-----
